Executive Summary
Summary | |
---|---|
Title | Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180606-multiplatform-sip | First vendor Publication | 2018-06-06 |
Vendor | Cisco | Last vendor Modification | 2018-06-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the firmware of an affected phone incorrectly handles errors that could occur when an incoming phone call is not answered. An attacker could exploit this vulnerability by sending a set of maliciously crafted SIP packets to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJbGAZDXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczGjsP/iwxgGmFfKlk8gYg7DqdkJzpPJpq NyPCkwv4W7Y522G097G46+2RaNsEzDsQI9X9QuN+c9dHmM/5b5LWKJPGAkUaB/Jv enl4Y8oG+BruI81t3YxKzeRPTx7cQ9xVXJB9j9NQUOxsKcyYinMcLximzoqQJ/ji Cz1lumojIqq3h/qNSksq8VcohGSjIbEcZQ93jK7eczWLSFzkLwJHK12cYXpivJtm 5Sm4Y2k2HIB89Hh11O4QMpprbF2SwnRnYKkLQwK4GfIW3086A4kCkMrS1wlpfmUo 7/PT61yvpRMzvFOvkDRqtEmhgYVIV7tweiLf2iMujHiqyP1G/2pT5PNHB6g8yKDl Rxzln9blp9Bw7MJq43OgXAejBCp7+yFeibXpzPsEu1Wi9k+85S2kEMLkjGQRpYAO EPwQwpHJ70Yo3KtRnKL73FT4Ki8dpRjQs08O2Uo+B0d3l9uQjCAIwZlAUNV1tUiU xLWz/FehK5aU2gqyTJ2FTPiHdoakdtM3/2HnFc9PIbMfOOK0Amnn9RwDI7J9E+e4 hH91ZopgfzVql7+dVVGPpEpGoJgy4LFiTCHA7jTU8B8SKq/xIi75r/ezAg4XRrlA VewxXcSjsP/gqKKvby22LFh7JMKKuPoaIcMIE92B9EP6wRbmaZVQexCv/1R542Yr Q/vPBA5rfVZacMNt =QrNY END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-755 | Improper Handling of Exceptional Conditions |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
Alert History
Date | Informations |
---|---|
2018-07-20 17:21:13 |
|
2018-06-07 17:21:02 |
|
2018-06-06 21:19:04 |
|